SAP Knowledge Base Article - Public

3458455 - User is Still Able to View Documents Assigned to Other Organizations

Symptom

The access restriction was performed for some users, which would allow them to view only documents from a set of organization units, however, when the user logs into the system, they are able to view documents created for organization units which are restricted. 

Environment

SAP Business ByDesign 

Reproducing the Issue

  1. Go to the Application and User Management work center.
  2. Select the Business Users view.
  3. Search for ID ABC (ABC represents the ID of the Business User).
  4. Click Edit.
  5. Navigate to the Work Center and View Assignments tab.
  6. Expand CRM_WOC_SALESORDERS.
  7. Select CRM_RETURNS.
  8. Make as Restricted for Read and Write.

  9. Under the Detailed Restriction subtab.
  10. Mark the following Access Group IDs as Read and Write Access.
  11. HIJ and MNO (HIJ and MNO represent the IDs of the Organization Unit).

  12. Navigate to the Sales Orders work center.
  13. Select the Returns view.
  14. Search for ID XYZ (XYZ represents the ID of the Return).
  15. Click Edit.
  16. Navigate to the Involved Parties tab.
  17. Sales Unit assigned: HIJ (unit not assigned to the user).

Cause

The reason the user is still able to view documents that belongs to the organization units which have been restricted during the assignment is because the organization unit was not assigned to a manager. 
When an organizational unit is not assigned to a manager, for the access control list, the unit does not have an owner, causing it to remain with a shared ownership and allowing any user to have access to it or to documents created from such units.

Resolution

This is the expected system behavior. 

In order to solve this, please assign a responsible for each organization unit being used in the sales process.
Once this is fulfilled, the users with a set of restrictions will only be able to view documents which fall within the managers ownership.

See Also

2770652 - Access Restriction for Business User is not Working as Expected

Keywords

Return, Access, Restriction, User, Business User, Work Center, View, Work Center and View Assignments, Business Users, CRM_WOC_SALESORDERS, CRM_RETURNS_SERVICE , KBA , AP-CRP-CR , Customer Return , How To

Product

SAP Business ByDesign all versions